JP4602981B2 - 分散ファイルシステム・ネットワーク・セキュリティ拡張 - Google Patents

分散ファイルシステム・ネットワーク・セキュリティ拡張 Download PDF

Info

Publication number
JP4602981B2
JP4602981B2 JP2006530468A JP2006530468A JP4602981B2 JP 4602981 B2 JP4602981 B2 JP 4602981B2 JP 2006530468 A JP2006530468 A JP 2006530468A JP 2006530468 A JP2006530468 A JP 2006530468A JP 4602981 B2 JP4602981 B2 JP 4602981B2
Authority
JP
Japan
Prior art keywords
file
port
secure
access
client system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2006530468A
Other languages
English (en)
Japanese (ja)
Other versions
JP2007503652A5 (enExample
JP2007503652A (ja
Inventor
ケオハーン、スーザン、マリー
マクブリーティ、ジェラルド、フランシス
ミューレン、ショーン、パトリック
ムリーリョ、ジェシカ、ケリー
シェ、ジョニー、メン−ハン
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of JP2007503652A publication Critical patent/JP2007503652A/ja
Publication of JP2007503652A5 publication Critical patent/JP2007503652A5/ja
Application granted granted Critical
Publication of JP4602981B2 publication Critical patent/JP4602981B2/ja
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)
  • Small-Scale Networks (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
JP2006530468A 2003-05-22 2004-04-15 分散ファイルシステム・ネットワーク・セキュリティ拡張 Expired - Fee Related JP4602981B2 (ja)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/443,675 US7917751B2 (en) 2003-05-22 2003-05-22 Distributed filesystem network security extension
PCT/GB2004/001629 WO2004104902A1 (en) 2003-05-22 2004-04-15 Distributed filesystem network security extension

Publications (3)

Publication Number Publication Date
JP2007503652A JP2007503652A (ja) 2007-02-22
JP2007503652A5 JP2007503652A5 (enExample) 2010-04-30
JP4602981B2 true JP4602981B2 (ja) 2010-12-22

Family

ID=33450477

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2006530468A Expired - Fee Related JP4602981B2 (ja) 2003-05-22 2004-04-15 分散ファイルシステム・ネットワーク・セキュリティ拡張

Country Status (12)

Country Link
US (1) US7917751B2 (enExample)
EP (1) EP1625524B1 (enExample)
JP (1) JP4602981B2 (enExample)
KR (1) KR100906119B1 (enExample)
CN (1) CN100530207C (enExample)
AT (1) ATE339733T1 (enExample)
BR (1) BRPI0410569B1 (enExample)
CA (1) CA2525249C (enExample)
DE (1) DE602004002401T2 (enExample)
IL (1) IL172054A (enExample)
TW (1) TWI282229B (enExample)
WO (1) WO2004104902A1 (enExample)

Families Citing this family (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7124171B1 (en) * 2002-05-23 2006-10-17 Emc Corporation In a networked computing cluster storage system and plurality of servers sharing files, in the event of server unavailability, transferring a floating IP network address from first server to second server to access area of data
US7480700B2 (en) * 2004-04-27 2009-01-20 Apple Inc. Method and system for retrieval and usage of remote entry points
US7827294B2 (en) 2004-05-06 2010-11-02 American Express Travel Related Services Company, Inc. System and method for dynamic security provisioning of computing resources
US20060031326A1 (en) * 2004-07-06 2006-02-09 Francis Ovenden Managing personal communications from a calendar scheduling application
US7640346B2 (en) * 2005-02-01 2009-12-29 Microsoft Corporation Dispatching network connections in user-mode
JP4722519B2 (ja) * 2005-03-25 2011-07-13 株式会社日立製作所 計算機システム及びストレージサーバ、検索サーバ、端末装置並びに検索方法
US7742498B2 (en) * 2005-05-17 2010-06-22 At&T Intellectual Property Ii, L.P. Method and apparatus for routing a call to a dual mode wireless device
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
JP4600762B2 (ja) * 2005-08-31 2010-12-15 ソニー株式会社 情報処理装置および方法、並びにプログラム
KR100810368B1 (ko) * 2006-07-10 2008-03-07 주식회사 한글과 컴퓨터 그룹 내 문서에 대한 유출 방지 및 접근 제어 시스템
US8874907B1 (en) * 2007-09-28 2014-10-28 Symantec Operating Corporation Controlling access to an NFS share
US8560833B2 (en) * 2010-10-29 2013-10-15 Aruba Networks, Inc. Automatic secure client access
US8959113B2 (en) 2011-03-30 2015-02-17 Open Text S.A. System, method and computer program product for managing tabulated metadata
US9483542B2 (en) 2011-09-23 2016-11-01 Hybrid Logic Ltd System for live-migration and automated recovery of applications in a distributed system
US9501543B2 (en) 2011-09-23 2016-11-22 Hybrid Logic Ltd System for live-migration and automated recovery of applications in a distributed system
US10331801B2 (en) 2011-09-23 2019-06-25 Open Invention Network, Llc System for live-migration and automated recovery of applications in a distributed system
GB2495079A (en) 2011-09-23 2013-04-03 Hybrid Logic Ltd Live migration of applications and file systems in a distributed system
US10311027B2 (en) 2011-09-23 2019-06-04 Open Invention Network, Llc System for live-migration and automated recovery of applications in a distributed system
US9547705B2 (en) * 2011-09-23 2017-01-17 Hybrid Logic Ltd System for live-migration and automated recovery of applications in a distributed system
US9477739B2 (en) 2011-09-23 2016-10-25 Hybrid Logic Ltd System for live-migration and automated recovery of applications in a distributed system
TW201351194A (zh) * 2012-06-07 2013-12-16 Askey Computer Corp 可攜式電子裝置的資料保護方法及其電腦程式產品
US8635668B1 (en) * 2012-07-11 2014-01-21 International Business Machines Corporation Link analysis tool for security information handling system
US8806575B2 (en) 2012-07-11 2014-08-12 International Business Machines Corporation Network selection tool for information handling system
US8898769B2 (en) 2012-11-16 2014-11-25 At&T Intellectual Property I, Lp Methods for provisioning universal integrated circuit cards
US8959331B2 (en) 2012-11-19 2015-02-17 At&T Intellectual Property I, Lp Systems for provisioning universal integrated circuit cards
US9513803B2 (en) * 2012-12-21 2016-12-06 Intel Corporation Tagging in a storage device
US9699141B2 (en) * 2013-04-03 2017-07-04 Symantec Corporation Method and apparatus for integrating security context in network routing decisions
US9036820B2 (en) 2013-09-11 2015-05-19 At&T Intellectual Property I, Lp System and methods for UICC-based secure communication
US9124573B2 (en) 2013-10-04 2015-09-01 At&T Intellectual Property I, Lp Apparatus and method for managing use of secure tokens
US9208300B2 (en) 2013-10-23 2015-12-08 At&T Intellectual Property I, Lp Apparatus and method for secure authentication of a communication device
US9240994B2 (en) 2013-10-28 2016-01-19 At&T Intellectual Property I, Lp Apparatus and method for securely managing the accessibility to content and applications
US9313660B2 (en) 2013-11-01 2016-04-12 At&T Intellectual Property I, Lp Apparatus and method for secure provisioning of a communication device
US9240989B2 (en) 2013-11-01 2016-01-19 At&T Intellectual Property I, Lp Apparatus and method for secure over the air programming of a communication device
US9413759B2 (en) 2013-11-27 2016-08-09 At&T Intellectual Property I, Lp Apparatus and method for secure delivery of data from a communication device
CN103905466B (zh) * 2014-04-22 2017-01-11 郭伟 一种存储系统数据访问控制系统及其方法
US9713006B2 (en) 2014-05-01 2017-07-18 At&T Intellectual Property I, Lp Apparatus and method for managing security domains for a universal integrated circuit card
US9628486B2 (en) 2014-10-23 2017-04-18 Vormetric, Inc. Access control for data blocks in a distributed filesystem
US10558818B2 (en) * 2017-02-22 2020-02-11 Red Hat, Inc. Supporting security access controls in an overlay filesystem
US11042641B2 (en) * 2018-09-11 2021-06-22 Amari.Ai Incorporated Deployment and communications gateway for deployment, trusted execution, and secure communications
US11552943B2 (en) * 2020-11-13 2023-01-10 Cyberark Software Ltd. Native remote access to target resources using secretless connections
EP4106290A1 (en) * 2021-06-17 2022-12-21 Deutsche Telekom AG A method for operating a distributed application
US12314421B2 (en) 2023-07-12 2025-05-27 International Business Machines Corporation Ransomware safe filesystem (RSFS)
US20250232048A1 (en) * 2024-01-12 2025-07-17 International Business Machines Corporation Apparatus and methods for modifying a union file system using supercopy control
CN119808171B (zh) * 2024-12-10 2025-09-23 湖南麒麟信安科技股份有限公司 一种加密文件系统的数据完整性校验方法及系统

Family Cites Families (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6850252B1 (en) * 1999-10-05 2005-02-01 Steven M. Hoffberg Intelligent electronic appliance system and method
US5758334A (en) 1995-07-05 1998-05-26 International Business Machines Corporation File system remount operation with selectable access modes that saves knowledge of the volume path and does not interrupt an executing process upon changing modes
US6006018A (en) * 1995-10-03 1999-12-21 International Business Machines Corporation Distributed file system translator with extended attribute support
US6081610A (en) * 1995-12-29 2000-06-27 International Business Machines Corporation System and method for verifying signatures on documents
JPH09305682A (ja) 1996-05-13 1997-11-28 Sony Corp 通信装置
JPH10124427A (ja) 1996-06-19 1998-05-15 At & T Corp 自動的にネットワーク再構成を行なうためのシステムおよび方法
US5903732A (en) * 1996-07-03 1999-05-11 Hewlett-Packard Company Trusted gateway agent for web server programs
JPH10171879A (ja) 1996-12-06 1998-06-26 Purosupaa Kurieiteibu:Kk 商品販売システム、その情報通信方法およびその記録媒体
JPH10229459A (ja) 1996-12-09 1998-08-25 Nippon Telegr & Teleph Corp <Ntt> 有料情報の送出方法、その装置および記録媒体
CN1225186A (zh) * 1996-12-18 1999-08-04 亚历山大S·奥伦斯坦 用于从远程站访问应用服务程序的安全系统
US5931947A (en) * 1997-09-11 1999-08-03 International Business Machines Corporation Secure array of remotely encrypted storage devices
US6405315B1 (en) * 1997-09-11 2002-06-11 International Business Machines Corporation Decentralized remotely encrypted file system
US6574661B1 (en) * 1997-09-26 2003-06-03 Mci Communications Corporation Integrated proxy interface for web based telecommunication toll-free network management using a network manager for downloading a call routing tree to client
US6058400A (en) * 1998-04-28 2000-05-02 Sun Microsystems, Inc. Highly available cluster coherent filesystem
JP2000010921A (ja) 1998-06-19 2000-01-14 Nec Corp 通信方法および通信システム、並びに記録媒体
JP2000067120A (ja) 1998-08-19 2000-03-03 Nec Corp プログラムダウンロードによるインターネット迂回ルートの自動確立装置および方法
JP2000076336A (ja) 1998-08-31 2000-03-14 Fujitsu Ltd 電子決済認証システム及び電子商取引サービスプロバイダ装置
WO2000019324A1 (en) * 1998-09-28 2000-04-06 Argus Systems Group, Inc. Trusted compartmentalized computer operating system
US6772333B1 (en) * 1999-09-01 2004-08-03 Dickens Coal Llc Atomic session-start operation combining clear-text and encrypted sessions to provide id visibility to middleware such as load-balancers
US6782418B1 (en) * 2000-01-24 2004-08-24 General Electric Company Method and apparatus for secure data file uploading
US6952780B2 (en) * 2000-01-28 2005-10-04 Safecom A/S System and method for ensuring secure transfer of a document from a client of a network to a printer
KR20010096814A (ko) * 2000-04-14 2001-11-08 홍기융 전자서명 인증기반 파일시스템 해킹방지용 보안커널 방법
US7010689B1 (en) * 2000-08-21 2006-03-07 International Business Machines Corporation Secure data storage and retrieval in a client-server environment
US6947556B1 (en) * 2000-08-21 2005-09-20 International Business Machines Corporation Secure data storage and retrieval with key management and user authentication
US7089585B1 (en) * 2000-08-29 2006-08-08 Microsoft Corporation Method and system for authorizing a client computer to access a server computer
US7003799B2 (en) * 2001-01-30 2006-02-21 Hewlett-Packard Development Company, L.P. Secure routable file upload/download across the internet
US7073055B1 (en) * 2001-02-22 2006-07-04 3Com Corporation System and method for providing distributed and dynamic network services for remote access server users
US6931530B2 (en) * 2002-07-22 2005-08-16 Vormetric, Inc. Secure network file access controller implementing access control and auditing
US6678828B1 (en) * 2002-07-22 2004-01-13 Vormetric, Inc. Secure network file access control system
US7143288B2 (en) * 2002-10-16 2006-11-28 Vormetric, Inc. Secure file system server architecture and methods
US7565533B2 (en) * 2002-11-05 2009-07-21 Sun Microsystems, Inc. Systems and methods for providing object integrity and dynamic permission grants
US8683031B2 (en) * 2004-10-29 2014-03-25 Trustwave Holdings, Inc. Methods and systems for scanning and monitoring content on a network

Also Published As

Publication number Publication date
CN1791878A (zh) 2006-06-21
BRPI0410569B1 (pt) 2016-08-23
EP1625524B1 (en) 2006-09-13
ATE339733T1 (de) 2006-10-15
CA2525249A1 (en) 2004-12-02
US20040236745A1 (en) 2004-11-25
TWI282229B (en) 2007-06-01
DE602004002401T2 (de) 2007-09-20
EP1625524A1 (en) 2006-02-15
DE602004002401D1 (de) 2006-10-26
BRPI0410569A (pt) 2006-06-20
KR20060015714A (ko) 2006-02-20
IL172054A (en) 2012-09-24
WO2004104902A1 (en) 2004-12-02
JP2007503652A (ja) 2007-02-22
US7917751B2 (en) 2011-03-29
CN100530207C (zh) 2009-08-19
KR100906119B1 (ko) 2009-07-07
TW200507570A (en) 2005-02-16
IL172054A0 (en) 2011-08-01
CA2525249C (en) 2011-03-29

Similar Documents

Publication Publication Date Title
JP4602981B2 (ja) 分散ファイルシステム・ネットワーク・セキュリティ拡張
US8335915B2 (en) Encryption based security system for network storage
JP6656157B2 (ja) ネットワーク接続自動化
JP3745961B2 (ja) ネットワークと接続している記憶システムへの接続を認証するための方法および装置
JP3779154B2 (ja) ネットワークに接続された記憶システムのデータ管理を提供する方法および装置
KR101474226B1 (ko) 원격 리소스에 대한 이용가능한 보안 액세스를 위한 웜홀디바이스들
EP2625643B1 (en) Methods and systems for providing and controlling cryptographically secure communications across unsecured networks between a secure virtual terminal and a remote system
CN100375434C (zh) 非置信服务器环境中san管理的安全系统和方法
US20240333772A1 (en) Systems and methods for secure, scalable zero trust security processing
US20170169227A1 (en) Methods and systems for providing and controlling cryptographic secure communications terminal providing a remote desktop accessible in secured and unsecured environments
JP3976324B2 (ja) セキュリティレベルに応じて記憶領域を計算機に割り当てるシステム
JP2004528609A (ja) フィルタリングのなされたアプリケーション間通信
WO2007140671A1 (en) A internet access server for isolating the internal network from the external network and a process method thereof
JP4168052B2 (ja) 管理サーバ
EP1388061A2 (en) Encryption based security system for network storage
CN111628960A (zh) 用于网络管理的系统和方法
JP2007102761A (ja) ストレージ装置へのアクセスを制限するためのシステムと方法
KR100875964B1 (ko) 네트워크 스토리지 시스템
JP2005157682A (ja) ネットワーク防御システムおよび共有ストレージ装置
Bishop et al. Windows Firewall with Advanced Security Design Guide and Deployment Guide
WO2016192765A1 (en) Authentication and authorization based on credentials and ticket

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20070413

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100312

A871 Explanation of circumstances concerning accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A871

Effective date: 20100312

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20100402

A975 Report on accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A971005

Effective date: 20100423

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100427

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100726

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20100921

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20100930

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20131008

Year of fee payment: 3

R150 Certificate of patent or registration of utility model

Free format text: JAPANESE INTERMEDIATE CODE: R150

LAPS Cancellation because of no payment of annual fees